You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

In the spam folder I noticed a email to me from one of my other Yahoo accounts that I use when I sign up to online forums.

I obviously didn't send it to myself, so did some investigating.

I don't have any contacts in that account, and it looks like the spam email was sent to the two addresses I had in the sent folder, although the spam email itself was NOT in the sent folder. Nothing in the account settings appears to have been changed.

I logged into that Yahoo account. When I checked in the account information section, it showed someone had accessed my email at 4:14 am from Thailand via Yahoo Mobile.

I don not use Yahoo mobile, and in fact own no mobile devises capable of using the internet. I went to another computer in the house and immediately changed the password for that Yahoo account.

So, the question i have is, does my system have an infection, or is it an issue on Yahoo's end?

I have run full scans of my system using Norton Internet Security 2012 (up to date), Malwarebytes and SUPERantispyware. All came back 100% clean. Could there be something on my system these programs aren't picking up? Should I try running them with windows in safe mode?

i somethimes use my PS3 to check my emails instead of turning my computer on. Is it possible for the PS3 to get infected with maleware/viruses?

Although I don't have a Yahoo account myself, three relatives and two others that I know of have had severe issues recently. My husband is the latest victim that I know of. He started off his day by finding out that his email had sent out a request for funds to help him get back from a vacation in Mexico City. He has many contacts for both his business and volunteer duties, not to mention friends and family, so many went out. When he tries to access his account, he gets an old format page with all of his email and contacts gone. I have been looking for information all day to try to help him. It seems that this is truly a yahoo problem and I've found news articles to back this up, even though Yahoo doesn't seem to think it's important enough to report on their front page. Not sure if this helps you or not, but I really don't think it's a personal problem with your email or with your father's. I'm new to this site. I signed up just now after reading your post, and hoping that others will pipe up with their experience and possible fixes.

With a single account hack usually I wouldn't suspect malware as the first culprit. A more likely scenario is either a weak password, password reuse, or something out of your control entirely. But, here are some questions just to be sure.

First, have you been experiencing any other symptoms that might lead you to believe that you have a malware infection?

Talked to my Dad this morning. Same thing happened to him today.

Have you used his computer to check the compromised account in the past? Has he used yours to check his? Have you sent him emails from the compromised account in the past, or vice-versa?

Have you checked the compromised account from any public computers, or public (unsecured) wifi?

I have used my Dad's computer to check my hacked yahoo account, but that was months ago. He has never used mine.

Neither of us have ever used our computers in public, or even logged into the Yahoo accounts from computers outside the house.

As for noticing other things:

About 6 weeks ago, I had a blue screen while my pc was booting up. Unfortunately, I was not able to see the error message before it went to the screen asking for me to choose boot in normal, safe ect. It has not happened since.

A few days ago, after I discovered the Yahoo account issue, in the bottom bar where the clock is, a dialoge box popped up like the one that comes up when you put in a new usb stick and windows installs the drivers for it. Again, it disappeared before I could get the message, i think it said updating drivers but for what I don't know.

Yesterday while online, I THINK Firefox opened a new browsing window on it's own. I say i think because my mouse scroll wheel is broken, so when i want to move down on a web page, i have to click the down arrow in the right margin.

The site I was on had an advertisement right next to the margin, so it is entirely possible I wasn't over far enough and accidentally clicked the advert instead of the down arrow.

After that I again ran scans of Norton IS 2012, Malwarebytes, SUPER antispyware, and Spybot, all clean.

I am expirencing a very similar issue as the OP and when I googled it I came upon this thread. I would like to add that I too received a large amount of failed delivery messages from a Yahoo account this morning. The account that was affected is one I use for signing up for store coupons, newsletters and such and mind you, I can't remember when I last logged into this particular account. I have only used a Mac, Iphone and Ipad for the last several months. I checked the history on the Yahoo account and it showed it had been accessed by Yahoo Mobile from UT, US at 8:06 this morning which was definitly not me. I also received a copy of the email being sent out as it mailed a message to one of my other email addresses. The message showed my Yahoo account address in the from box, my name in the subject line and a link that included agroafora.eu in it but there were no copies of these emails in the the sent folder. However, there were quite a few of my previous emails I knew I had sent but never deleted. I could also determine the addressees being used were from the sent box and not contacts, I only have a few names in the contacts.

I called Yahoo and I was told that I was not the only person this was happening to and they were working on. He also directed me to change my password which I did. However, from my search on Google I can see this is a huge ongoing issue with Yahoo. It will be a huge hassle but I may be better off closing this and my other Yahoo account and doing something more secure. The idea that someone was in my account really unnerved me, were they reading everything or is this some type of virus that is just scooping up addresses to mail spam with?

Also just remembered about a month ago, everything booted up and when I went to click an icon on the desktop, it didn't do anything. Non of the icons were responding. I rebooted, and they all functioned normally again.

I had an issue yesterday trying to download the update for Adobe Flash player. Anfter it downloaded, I went to install and firefox and Adobe came up as not responding. Took me a couple tries to get it installed.

I am expirencing a very similar issue as the OP and when I googled it I came upon this thread. I would like to add that I too received a large amount of failed delivery messages from a Yahoo account this morning. The account that was affected is one I use for signing up for store coupons, newsletters and such and mind you, I can't remember when I last logged into this particular account. I have only used a Mac, Iphone and Ipad for the last several months. I checked the history on the Yahoo account and it showed it had been accessed by Yahoo Mobile from UT, US at 8:06 this morning which was definitly not me. I also received a copy of the email being sent out as it mailed a message to one of my other email addresses. The message showed my Yahoo account address in the from box, my name in the subject line and a link that included agroafora.eu in it but there were no copies of these emails in the the sent folder. However, there were quite a few of my previous emails I knew I had sent but never deleted. I could also determine the addressees being used were from the sent box and not contacts, I only have a few names in the contacts.

I called Yahoo and I was told that I was not the only person this was happening to and they were working on. He also directed me to change my password which I did. However, from my search on Google I can see this is a huge ongoing issue with Yahoo. It will be a huge hassle but I may be better off closing this and my other Yahoo account and doing something more secure. The idea that someone was in my account really unnerved me, were they reading everything or is this some type of virus that is just scooping up addresses to mail spam with?

Blaize, please start your own topic for assistance with your issue. As each situation is unique, helping multiple people in one topic quickly becomes unwieldy and confusing for everyone involved.

***************************************************

G_MAN1974, except for the pop-up none of that sounds like malware. . . and since you've only had a single pop-up I wouldn't call that an infection either (your alternate explanation seems far more likely). It sounds to me like your account was compromised not due to malware, but due to one or more of the other factors I first listed. My recommendation would be to always use strong passwords, and do not use the same password everywhere. As for the various other issues listed, if they continue to recur please feel free to create a topic in the appropriate forum for assistance.

I'm probably just being paranoid because I had a nasty infection with the Smart HDD and Google re-direct last September. It was long before I discovered Bleeping Computer, so i ended up just wiping the HD and reinstalling the OS from the Dell discs that came with my computer.

I'm comfortable doing that, but it's just a hassle having to download all the Vista updates again.